Implementing Cisco Secure Mobility Solutions (SIMOS, legacy) — Question 28

Which encryption and authentication algorithms does Cisco recommend when deploying a Cisco NGE supported VPN solution?

Answer options

• A. AES-GCM and SHA-2
• B. 3DES and DH
• C. AES-CBC and SHA-1
• D. 3DES and SHA-1

Correct answer: A

Explanation

Cisco recommends using AES-GCM and SHA-2 for their enhanced security features and efficiency in a VPN environment. The other options, such as 3DES and SHA-1, are considered less secure and are not recommended due to vulnerabilities. AES-CBC also lacks the advantages provided by GCM in terms of performance and security.